Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ISA, sharepoint and ftp - Forms Based Authentication questions

Posted on 2009-03-30
7
Medium Priority
?
915 Views
Last Modified: 2013-12-04
My company currently has a sharpoint site that is accessed by both internal employees and external clients.  We have created AD accounts for the external people.  We are in the process of setting up and FTP site also that will need the same access.  I am beginning to look into FBA (forms based authentication) so the external users do not need to have accounts created in our active directory.  Would ISA be a good canidate to help me accomplish a cleaner setup of this system?  I am trying to see if this should be an avenue I should look at in order to allow external clients a way to authenticate to our sharepoint and FTP through some central console and allow them access to their info and also allow my internal users a way to securly access these same systems when out of the office?

Thanks for any help.
0
Comment
Question by:martin2478
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24021197
Maybe and maybe not. ISA is a great tool but you sound as though you are moving to the next level here. Have a look at the IAG Server - ISA's sister product in the Forefront: Edge portfolio.

http://www.microsoft.com/forefront/en/us/default.aspx
0
 

Author Comment

by:martin2478
ID: 24021634
Thanks for the response.  I will look more into IAG but it was the forms based authentication that is mentioned in ISA that I am interested in.  Right now I have sharepoint , ftp , and web outlook setup for remote use.  I am really looking for a clean way to authenticate people outside of our company and tie that into them being able to access our ftp and sharepoint sites with the same usernames and passwords without me having to create the accounts in my active directory.

I amy be looking at the wrong app but any more tips would be great.

0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24022807
Understood. But ISA is not a repository. Where are you going to store the account details of external users - I assume an internal SQL server or something?

We used a separate AD in the DMZ and then used identity Lifecycle Manager (ILS) to do all of this with IAG on the outside and ISA on the inside. Have you reviewed the creating the extranet for Sharepoint guides?

That said, if you simply want a control point then yes, ISA will do it.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 

Author Comment

by:martin2478
ID: 24023182
Thanks for the info.  I was planning on using SQL to house external user accounts.

Your setup seems like a secure setup and will have to look into something like that more.

I have not read the extranet for sharepoint guides, I believe I should start there before continuing the conversation to get a better grasp.  But before into reading does this mentality make any sense to you.

Have internal users have AD accounts.  External users use an FBA tied into a SQL database.  Use ISA as a portal for external users to authenticate with and then from there they will have access to our sharepoint and ftp site?

Thanks again for all of your help.  The fog seems to be clearing finally in my head.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 24023254
your approach is fine - and often adopted. The part where many go wrong is to NOT think about where it might go in the future. For example, if you decide to open up the portal/self-service aspects then are you going to want to have to administrate all of that? the authentication? The authorisation? Small things in the early days but it can grow as the benefits are identified and you want to realise them.

Anyway, this is a useful place to start. For reference we use the split model.
With ISA2006
http://technet.microsoft.com/en-us/library/cc268368.aspx

Extranet
http://technet.microsoft.com/en-us/library/cc263513.aspx#section3
0
 

Author Closing Comment

by:martin2478
ID: 31564323
Thanks for all of your help.  This has me heading in the right direction now.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24043126
Thanks :)
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
A while back, I ran into a situation where I was trying to use the calculated columns feature in SharePoint 2013 to do some simple math using values in two lists. Between certain data types not being accessible, and also with trying to make a one to…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question